InfraCloud
SRE- Security Engineer
Vaga remota de Security Engineering com fit claro de localização do candidato.
Publicada5 de jul. de 2026
Países elegíveis1 país aceito
Sinal de senioridadeSenior
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Índia
Resumo da vaga
SRE- Security Engineer
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
Kubernetes & Platform Security
- Design, implement, and maintain security controls for Kubernetes clusters and containerized workloads.
- Establish and enforce Kubernetes security best practices, including RBAC, Network Policies, Pod Security Standards, admission controllers, and secrets management.
- Secure container images, registries, and deployment pipelines.
- Perform security assessments and hardening of Kubernetes environments.
GitOps & CI/CD Security
- Implement and maintain secure GitOps workflows using Helm and ArgoCD.
- Integrate security controls into CI/CD pipelines, including automated security scanning and policy enforcement.
- Review deployment processes to ensure compliance with security standards.
- Collaborate with engineering teams to embed DevSecOps practices across the software development lifecycle.
Threat Detection & Incident Response
- Deploy, manage, and optimize security monitoring and threat detection solutions.
- Configure and maintain runtime security monitoring using Falco.
- Investigate security alerts, incidents, and suspicious activities within cloud-native environments.
- Develop and maintain incident response procedures and playbooks.
Vulnerability Management
- Manage container and infrastructure vulnerability scanning using Trivy.
- Analyze security findings, prioritize remediation efforts, and coordinate fixes with engineering teams.
- Track vulnerability metrics and ensure timely remediation of critical risks.
Security Monitoring & SIEM
- Deploy, configure, and maintain Wazuh for security monitoring, log analysis, and compliance reporting.
- Create detection rules, dashboards, and alerts to improve security visibility.
- Correlate events from multiple sources to identify potential threats.
Application & Web Security
- Implement and maintain Web Application Firewall (WAF) solutions.
- Conduct application security assessments aligned with OWASP Top 10 recommendations.
- Work with development teams to identify and remediate application security vulnerabilities.
- Establish secure coding and deployment practices.
Governance, Risk & Compliance
- Develop security standards, policies, and operational procedures.
- Support security audits, compliance initiatives, and risk assessments.
- Maintain documentation for security architecture, controls, and operational processes.
Technical Skills
- Strong hands-on experience with Kubernetes (K8s) administration and security.
- Experience with Helm and ArgoCD in production environments.
- Experience implementing GitOps and securing CI/CD pipelines.
- Expertise in Falco for runtime threat detection and monitoring.
- Experience with Trivy for vulnerability scanning and container security.
- Hands-on experience with Wazuh SIEM/XDR platform.
- Strong understanding of Web Application Firewalls (WAF) and OWASP Top 10 security risks.
- Knowledge of container security, image hardening, and Kubernetes workload protection.
- Experience with Linux system administration and security hardening.
- Familiarity with Infrastructure as Code and automation practices.
Security Knowledge
- Container and Kubernetes security.
- Cloud-native security architecture.
- Vulnerability management and remediation processes.
- Security monitoring, incident response, and threat hunting.
- Identity and access management principles.
- Secure software development lifecycle (SSDLC).
Preferred Qualifications
- Experience working alongside SRE, Platform Engineering, or DevOps teams.
- Security certifications such as:CKS (Certified Kubernetes Security Specialist)CKA (Certified Kubernetes Administrator)CISSPGSECSecurity+
- CKS (Certified Kubernetes Security Specialist)
- CKA (Certified Kubernetes Administrator)
- CISSP
- GSEC
- Security+
- Experience with cloud platforms (GCP, AWS, or Azure).
- Experience implementing security policies using OPA/Gatekeeper or Kyverno.
- Knowledge of SOC operations and compliance frameworks (ISO 27001, SOC2, PCI-DSS, NIST).
Details
- CKS (Certified Kubernetes Security Specialist)
- CKA (Certified Kubernetes Administrator)
- CISSP
- GSEC
- Security+
Vagas similares
Mantenha uma lista reserva.
AWS, Azure 38 países aceitos
Staff Enterprise Security EngineerBoxVer vaga AWS, Kubernetes 3 países aceitos
Staff Software EngineerAmplitudeVer vaga AWS, Kubernetes 13 países aceitos
Senior Backend Engineer (AdTech)Leap ToolsVer vaga AWS, Kubernetes 13 países aceitos
Senior Backend EngineerLeap ToolsVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.